When I get a spoofed email from someone it’s easy to spot but how do they know who to spoof?
So this morning I got an email from my brother in law, they used his name, but obviously not his address.
My question is how did they know to use his name? Is his email compromised and that’s how they got his name and my email address or is the compromise on my side, or is it as simple as email is easy to read the to from and nothing is necessarily compromised?
In: Technology
That is a possibility. If someone has an easy-to-guess email password, or their computer gets a virus, a bad guy could get their hands on their contact lists. Either the actual contact list, or just dump the mailbox pulling names and addresses out of emails.
Of course there are plenty of other ways. Phones infected with a virus might dump their contact list. Guessing a Facebook password… Web sites with family tree information… there’s all sorts of ways to find this information out. All they need is a name you’ll trust.
Of course the email address isn’t right. They want you to hit “Reply” and have what you type go to the bad guy, not your actual brother-in-law. That would defeat the purpose of faking his name trying to take advantage of your trust.
Latest Answers